# Copyright 2023 Specter Ops, Inc.
#
# Licensed under the Apache License, Version 2.0
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0

name: Publish Edge Build

on:
  push:
    branches: [main]

env:
  REVISION: v5.0.0-edge

jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    defaults:
      run:
        shell: bash
    steps:
      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
        with:
          token: ${{ secrets.GITHUB_TOKEN }}

      - name: Log in to DockerHub Container registry
        uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Log in to GitHub Container registry
        uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Setup Buildx
        uses: docker/setup-buildx-action@4c0219f9ac95b02789c1075625400b2acbff50b1
        with:
          install: true

      - name: Build Images
        uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          file: ./dockerfiles/bloodhound.Dockerfile
          tags: |
            specterops/bloodhound:edge
            ghcr.io/specterops/bloodhound:edge
          build-args: |
            version=${{env.REVISION}}
            checkout_hash=$GITHUB_SHA
          provenance: false
          push: true

